Facebook

Working in IT for the U.S. DoD

Working in IT for the U.S. DoD

Step into the world of U.S. DoD IT roles. Equip yourself with the knowledge of pivotal DoD Directives and achieve the certifications that set you apart.

DoD Directives 8570, 8570.01-M, and 8140

If you’re interested in working in any technology-related role for the U.S. Department of Defense, you are required per Directive 8140 (which replaced Directive 8570) to obtain and maintain industry certification credentials that have been accredited by the American National Standards Institute (ANSI). This is true for everyone (both civilians and those still serving in the military) who will have privileged access to DoD’s Information Systems.

CCS Learning Academy offers qualified certificate courses from accreditors like CompTIA, (ISC)2, and more! Veterans can work with us to get the credentials they need to be hired for DoD cybersecurity jobs. We can also help individuals obtain the continuing education credits necessary to maintain their existing certifications.

cybersecurity_screen-min

73 %

of workers say that the top benefit of certification is credibility.

57 %

of workers say a certification will help them advance in their current job.

56 %

of workers say a certification will improve their chances for a new position.

In recent CompTIA research, the large majority of IT and business executives involved in security indicated that IT staff certification has made a difference.

CCS Learning Academy

CCS Learning Academy Logo

Trusted experts in the technology sector since 1997

IT & business training for professionals at all levels

A network of trainers and clients spanning the entire U.S.

Certifications Approved for DoD Directive 8140/8570.01-M

DoD Directive 8140 is a replacement on and expansion of Directive 8570, which was first released in 2005 to help the DoD manage and audit its cybersecurity personnel. Since then, both the world and technology have changed – a lot! DoD 8140 is the result of several important decisions made to better reflect today’s tech landscape and job market.

Among other updates to DoD 8570, DoD 8140 covers the following:

  • Updates and expansions on DoD policies, processes, and responsibilities around managing its cybersecurity workforce.
  • The establishment of a DoD cyberspace workforce management council.
  • Unification and alignment of technology work roles with regard to baseline qualifications and training requirements.

DoD technology jobs are an excellent fit for many Veterans, as their experiences and clearances translate into distinct advantages in this environment. CCS Learning Academy can help you understand what career pathways are available, what certifications you will need along the way, and how to launch a successful IT career at the U.S. DoD.

DoD-8140_8570.01

Download this guide to see the complete roadmap to success for aspiring DoD technology professionals per Directive 8140/8570.01-M.

More CompTIA Certifications Now Approved for Directive 8140/8570.01-M!

CompTIA is proud to be the leading choice in certifications for DoD personnel and contractors, helping hundreds of thousands of servicemen, servicewomen, and DoD civilians to meet their Directive 8140/8570 requirements. CompTIA certifications also serve as the building blocks for more advanced certifications; for example, CompTIA Network+ and Security+ are accepted as prerequisites to the Microsoft Software & Systems Academy training course.

CompTIA_badge_aplus-min-150x150

CompTIA A+

This credential validates the foundational knowledge for IT Technical Support. It’s recognized as the standard for foundation-level IT knowledge and skills, including installing, configuring, diagnosing and preventive maintenance of hardware and software components, as well as networks and soft skills.

CompTIA_badge_networkplus-min-150x150

CompTIA Network+

This credential validates the knowledge of networking professionals with at least 9-12 months of experience in network support or administration or adequate academic training. Many corporations recommend or require this certification for their IT employees; it is one of CompTIA’s core certifications.

CompTIA_badge_securityplus-min-150x150

CompTIA Security+

This credenttial validates mastery of security knowledge for an individual with two years of on-the-job networking experience, with emphasis on security. The exam covers threats, attacks, and vulnerabilities; technologies and tools; architecture and design; identity and access management; risk management; and cryptography and PKI.

CompTIA_badge_cloudplus-min-150x150

CompTIA Cloud+

Approved for three 8140/8570 job roles, this certification validates the expertise needed to maintain and optimize cloud infrastructure services. IT professionals with a Cloud+ certification can better realize the return on investment of cloud infrastructure services. Cloud+ reflects the breadth of skills needed for data center job roles.

CompTIA_badge_cysaplus-min-150x150

CompTIA CySA+

Approved for five 8140/8570 job roles, this is designed for IT security analysts as well as vulnerability and threat intelligence analysts. The successful candidate has the knowledge and skills required to configure and use threat detection tools, perform data analysis, and interpret the results to identify vulnerabilities, threats, and risks to an organization.

CompTIA_badge_caspplus-min-150x150

CompTIA CASP+

This certification is designed to meet the growing demand for advanced IT security in the enterprise. It tests critical thinking and judgment across a broad spectrum of security disciplines and requires candidates to implement clear solutions in complex environments. The exam covers enterprise security, risk management and incident response, research and analysis, integration of computing, and communications and business disciplines as well as technical integration of enterprise components.

Why choose CCS Learning Academy?

CCS Learning Academy is one of the industry’s top CompTIA training partners, and we have a team dedicated to working exclusively with transitioning and experienced Veterans. We are honored to assist U.S. service members in transitioning from active duty to high-paying careers in the civilian IT workforce.

Your future is waiting.

Start the next phase of your career today!

Certifications Approved for DoD Directive 8570.01

While DoD Directive 8140 was issued to update and replace DoD 8570, the older Directive 8570 (technically, 8570.01) is still around. It may take a long time to issue a comprehensive manual covering the 8140 security requirements, which is why DoD 8140 still refers to the DoD 8570 manual (“DoD 8570.01-M”).

Like its successor, DoD 8570 requires all users of DoD information systems to meet certain compliance requirements. These requirements include holding certifications accredited by the American National Standards Institute (ANSI). Per the Directive, there are three levels of certification for Information Assurance Technicians (IAT) and Information Assurance Management (IAM) professionals. Anyone wishing to hold these kinds of positions at the U.S. DoD must obtain at least one of the certifications required for the relevant job level.

DoD-8570.01

Download this guide to see the full list of approved baseline certifications per DoD Directive 8570.01.

DoD 8140, 8570.01-M, and 8570-Approved Courses from CCS Learning Academy

CISM: Certified Information Security Manager

38 Lessons
24 hours
Intermediate
What you'll learn
Our CISM certification training and CISM online course provide in-depth coverage of the four domains required to pass the CISM exam.
Domain 1: Information Security Governance
Domain 2: Information Risk Management and Compliance
Domain 3: Information Security Program Development and Management
Domain 4: Information Security Incident Management

CRISC: Certified Risk and Information Systems Control

27 Lessons
24 hours
Intermediate
What you'll learn
By the end of either the CRISC certification training or CRISC online training course, you will master the four CRISC domains.
Domain 1: IT Risk Identification
Domain 2: IT Risk Assessment
Domain 3: Risk Response and Mitigation
Domain 4: Risk Control, Monitoring, and Reporting

CGEIT: Certified in the Governance of Enterprise IT

32 hours
Intermediate
What you'll learn
Follow the format and structure of the CGEIT Certification Exam
Identify the various topics and technical areas covered by the exam
Enable students to implement strategies, tips, and techniques for taking and passing the exam
Apply key learning to practice questions
Intermediate

CompTIA PenTest+

$3,495.00

CompTIA PenTest+

40 hours
Intermediate
What you'll learn
Plan and scope penetration tests.
Conduct passive reconnaissance.
Perform non-technical tests to gather information.
Conduct active reconnaissance.
Analyze vulnerabilities.
Penetrate networks.
Exploit host-based vulnerabilities.
Test applications.
Complete post-exploit tasks.
Analyze and report pen test results.

SSCP – Systems Security Certified Practitioner

40 hours
Beginner
What you'll learn
In-depth coverage of the seven domains required to pass the SSCP exam.
Domain 1: Access Control
Domain 2: Security Operations and Administration
Domain 3: Risk Identification, Monitoring, and Analysis
Domain 4: Incident Response and Recovery
Domain 5: Cryptography
Domain 6: Networks and Communications Security
Domain 7: Systems and Application Security

CSSLP – Certified Secure Software Lifecycle Professional

40 hours
All Levels
What you'll learn
The course on CSSLP teaches how to secure your applications. After having CSSLP certification from (ISC) ², your application security capability within the software development lifecycle will be authorized. In-depth coverage of the eight domains required to pass the CSSLP exam.
Domain 1: Secure Software Concepts
Domain 2: Security Software Requirements
Domain 3: Secure Software Design
Domain 4: Secure Software Implementation/Coding
Domain 5: Secure Software Testing
Domain 6: Software Acceptance
Domain 7: Software Deployment, Operation, Maintenance and Disposal
Domain 8: Supply Chain and Software Acquisition
Featured
Intermediate

Certified Ethical Hacker | CEH

$3,095.00

Certified Ethical Hacker | CEH

40 hours
Intermediate
What you'll learn
Information security controls, laws, and standards.
Foot printing, foot printing tools, and countermeasures.
Network scanning techniques and scanning countermeasures.
Enumeration techniques and enumeration countermeasures.
Vulnerability analysis to identify security loopholes in the target organization’s network, communication infrastructure, and end systems.
System hacking methodology, steganography, stag analysis attacks, and covering tracks to discover system and network vulnerabilities.
Different types of malware (Trojan, Virus, worms, etc.), system auditing for malware attacks, malware analysis, and countermeasures.
Packet sniffing techniques to discover network vulnerabilities and countermeasures to defend against sniffing.
Social engineering techniques and how to identify theft attacks to audit human-level vulnerabilities and social engineering countermeasures.
DoS/DDoS attack techniques and tools to audit a target and DoS/DDoS countermeasures.
Session hijacking techniques to discover network-level session management, authentication/authorization, and cryptographic weaknesses and countermeasures.
Web Server attacks and a comprehensive attack methodology to audit vulnerabilities in web server infrastructure, and countermeasures.
Web application attacks, comprehensive web application hacking methodology to audit vulnerabilities in web applications, and countermeasures.
SQL injection attack techniques, injection detection tools to detect SQL injection attempts, and countermeasures.
Wireless encryption, wireless hacking methodology, wireless hacking tools, and Wi-Fi security tools.
Mobile platform attack vector, android vulnerability exploitations, and mobile security guidelines and tools.
Firewall, IDS and honeypot evasion techniques, evasion tools and techniques to audit a network perimeter for weaknesses, and countermeasures.
Cloud computing concepts (Container technology, serverless computing), the working of various threats and attacks, and security techniques and tools.
Penetration testing, security audit, vulnerability assessment, and penetration testing roadmap.
Threats to IoT and OT platforms and defending IoT and OT devices.
Cryptography ciphers, Public Key Infrastructure (PKI), cryptography attacks, and cryptanalysis tools.

Computer Hacking Forensic Investigator | CHFI

16 Lessons
40 hours
Intermediate
What you'll learn
Establish threat intelligence and key learning points to support pro-active profiling and scenario modeling
Perform anti-forensic methods detection
Perform post-intrusion analysis of electronic and digital media to determine the who, where, what, when, and how the intrusion occurred
Extract and analyze of logs from various devices like proxy, firewall, IPS, IDS, Desktop, laptop, servers, SIM tool, router, firewall, switches AD server, DHCP logs, Access Control Logs & conclude as part of investigation process.
Identify & check the possible source / incident origin.
Recover deleted files and partitions in Windows, Mac OS X, and Linux
Conduct reverse engineering for known and suspected malware files
Collect data using forensic technology methods in accordance with evidence handling procedures, including collection of hard copy and electronic documents
The computer forensic investigation process and the various legal issues involved
Evidence searching, seizing, and acquisition methodologies in a legal and forensically sound manner
Types of digital evidence, rules of evidence, digital evidence examination process, and electronic crime and digital evidence consideration by crime category
Roles of the first responder, first responder toolkit, securing and evaluating electronic crime scene, conducting preliminary interviews, documenting electronic crime scene, collecting and preserving electronic evidence, packaging and transporting electronic evidence, and reporting the crime scene
Setting up a computer forensics lab and the tools involved in it
Various file systems and how to boot a disk
Gathering volatile and non-volatile information from Windows
Data acquisition and duplication rules
Validation methods and tools required
Recovering deleted files and deleted partitions in Windows, Mac OS X, and Linux
Forensic investigation using AccessData FTK and EnCase
Steganography and its techniques
Steganalysis and image file forensics
Password cracking concepts, tools, and types of password attacks
Investigating password protected files
Types of log capturing, log management, time synchronization, and log capturing tools
Investigating logs, network traffic, wireless attacks, and web attacks
Tracking emails and investigating email crimes
Mobile forensics and mobile forensics software and hardware tools
Writing investigative reports
Dark Web Forensics and IOT Forensics

CompTIA Cybersecurity Analyst (CySA+)

40 hours
Beginner
What you'll learn
Assess information security risk in computing and network environments.
Analyze reconnaissance threats to computing and network environments.
Analyze attacks on computing and network environments.
Analyze post-attack techniques on computing and network environments.
Implement a vulnerability management program.
Collect cybersecurity intelligence.
Analyze data collected from security and event logs.
Perform active analysis on assets and networks.
Respond to cybersecurity incidents.
Investigate cybersecurity incidents.
Address security issues with the organization’s technology architecture.

Certified Chief Information Security Officer | CCISO

32 Lessons
40 hours
All Levels
What you'll learn
Prepare for the CCISO exam
Navigate the day-to-day responsibilities of a CISO
Consider the technical aspects of the CISO role from an executive perspective
Plan security and financial strategies
Align CISO tasks with business goals and risk tolerance
Intermediate

ISO/IEC 27001 Lead Auditor

$2,749.00

ISO/IEC 27001 Lead Auditor

5 Lessons
40 hours
Intermediate
What you'll learn
Understand the operations of an Information Security Management System based on ISO/IEC 27001
Acknowledge the correlation between ISO/IEC 27001, ISO/IEC 27002 and other standards and regulatory frameworks
Understand an auditor’s role to: plan, lead and follow-up on a management system audit in accordance with ISO 19011
Learn how to lead an audit and audit team
Learn how to interpret the requirements of ISO/IEC 27001 in the context of an ISMS audit
Acquire the competencies of an auditor to: plan an audit, lead an audit, draft reports, and follow-up on an audit in compliance with ISO 19011
Intermediate

ISO/IEC 27001 Lead Implementer

$2,749.00

ISO/IEC 27001 Lead Implementer

5 Lessons
40 hours
Intermediate
What you'll learn
Gain a comprehensive understanding of the concepts, approaches, methods, and techniques used for the implementation and effective management of an ISMS
Acknowledge the correlation between ISO/IEC 27001, ISO/IEC 27002, and other standards and regulatory frameworks
Understand the operation of an information security management system and its processes based on ISO/IEC 27001
Learn how to interpret and implement the requirements of ISO/IEC 27001 in the specific context of an organization
Acquire the necessary knowledge to support an organization in effectively planning, implementing, managing, monitoring, and maintaining an ISMS

ISO/IEC 27032 Lead Cybersecurity Manager

5 Lessons
40 hours
Intermediate
What you'll learn
Acquire comprehensive knowledge on the elements and operations of a Cybersecurity Program in conformance with ISO/IEC 27032 and NIST Cybersecurity framework
Acknowledge the correlation between ISO 27032, NIST Cybersecurity framework and other standards and operating frameworks
Master the concepts, approaches, standards, methods and techniques used to effectively set up, implement, and manage a Cybersecurity program within an organization
Learn how to interpret the guidelines of ISO/IEC 27032 in the specific context of an organization
Master the necessary expertise to plan, implement, manage, control and maintain a Cybersecurity Program as specified in ISO/IEC 27032 and NIST Cybersecurity framework
Acquire the necessary expertise to advise an organization on the best practices for managing Cybersecurity
Intermediate

ISO 31000 Lead Risk Manager

$2,749.00

ISO 31000 Lead Risk Manager

5 Lessons
40 hours
Intermediate
What you'll learn
Understand the risk management concepts, approaches, methods, and techniques
Learn how to interpret the ISO 31000 principles and framework in the context of an organization
Learn how to apply the ISO 31000 risk management process in an organization
Learn how to establish a risk recording and reporting process and an effective risk communication plan
Develop the ability to effectively manage, monitor, and review risk in an organization based on best practices
Intermediate

ISO/IEC 27005 Lead Risk Manager

$2,749.00

ISO/IEC 27005 Lead Risk Manager

5 Lessons
40 hours
Intermediate
What you'll learn
Master the concepts, approaches, methods and techniques that enable an effective risk management process based on ISO/IEC 27005
Acknowledge the correlation between Information Security risk management and security controls
Learn how to interpret the requirements of ISO/IEC 27001 in Information Security Risk Management
Acquire the competence and skills to effectively advise organizations on Information Security Risk Management best practices
Acquire the knowledge necessary for the implementation, management and maintenance of an ongoing risk management program

To say CCS helped me jumpstart my career is an understatement. CCS helps fresh graduates start their professional journey. They provide comprehensive training both technically and professionally that not only prepares you for a full-time job but also helps make you successful in other aspects of your life.

– Santosh Gadila
Senior IT Analyst
U.S. Department of Veteran Affairs

Get Certified for IT Jobs at the U.S. DoD

Call us at (858) 208-4141 or fill out the form below to get in touch with CCS Learning Academy’s Veteran team.
Upload Your Resume
(if applicable)

File(s) size limit is 20MB.

🚀 Get Up to 33% OFF on Top Courses + FREE e-learning subscription (worth $1595).
This is default text for notification bar